Tag Archives: dhparam

Plesk

Add DHParam to Plesk Panel

You can fix Logjam for the Plesk Panel by simply adding the standard Nginx dhparam directive to the plesk.conf file.
Very similar to previous posts on adding OCSP and HSTS to Plesk.

First you will need to create your dhparam, you can follow my guide Creating DH Parameters, and then locate the file and edit with your favourite editor…

And add the Nginx ssl_dhparam directive above the certificate entries like so…

Save the file and restart the Plesk server…

And you are good to go.
I hope that helps someone.

Ubuntu

Creating DH Parameters

By default DH Parameters are just 1024bits in Ubuntu 12.04.5 LTS which is considered weak by todays standards.
You will need to create a new one of either 2048Bit or 4096Bit depending on your certificates public key size.

1. Create a folder to hold the dhparams…

2. Move to that directory

3. Create the new DH Parameters, at 2048Bit

And 4096Bit (this will take some time)

5. You can also create DSA versions, at 2048Bit…

And 4096Bit

Now you can add the directives to your servers, Courier-Imap, Dovecot, Nginx and Postfix.

Courier-Imap

Dovecot (creates it’s own)

Nginx

Postfix

Enjoy!